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(54) Provisioning computing services via an online networked computing environment 



(57) A system and method for allowing user access 
to software applications, data storage and retrieval, and 
electronic mail and messaging services in a networked 
computing environment are provided. The need for soft- 
ware installation, upgrade, and version control, and the 
need for certain hardware upgrades are eliminated by 
providing software and data storage and retrieval to a 
user or to groups of users from a remote terminal server 
via a networked computing environment. Software ap- 



plications, data and electronic mail and messaging serv- 
ices are stored, maintained and operated at a remote 
terminal server and are provided to the user over the 
Internet or over an intranet ot an organization such as 
a company or educational institution. Data is stored and 
secured at a remote file server, and web operations are 
provided by a remote web server. The backend of the 
system, including the terminal servers, file servers and 
web servers is managed and secured by a domain con- 
troller. 
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Description 

TECHNICAL FIELD 

[0001 ] The present invention generally relates to net- 5 
worked computing. More particularly, the present inven- 
tion relates to providing user access to software appli- 
cations, data storage and retrieval, electronic mail and 
messaging, operating system functionality, and the like 
over an Internet-based or intranet-based networked 10 
computing environment. 

BACKGROUND OF THE INVENTION 

[0002] In recent years, the use of computers in all as- 15 
pects of business, education, entertainment, and the 
like, has increased dramatically. A high demand has fol- 
lowed for more advanced and efficient computer hard- 
ware and software. It is often the case that home or small 
business computer users must update their computer 20 
operating systems to handle new software, only to find 
that the computer lacks sufficient memory capacity for 
the new operating system and software. Equally prob- 
lematic, the computer user often finds that their compu- 
ter lacks sufficient memory to store the very data gen- 25 
erated or manipulated by the desired operating system 
or software. 

[0003] For example, say the user is an individual 
home computer user. The user has a variety of software 
applications loaded on her home computer. The user so 
stores and retrieves data on her computer, and the user 
uses electronic mail and messaging services through 
software stored on her computer. If a new version of the 
user's software is developed, or if an upgrade is devel- 
oped by the manufacturer of the software to enhance 35 
performance or functionality or to solve a problem with 
a previous version , the user must obtain the new version 
and load it on to her computer. If the user's computer 
lacks sufficient memory, or if the user's operating system 
is incompatible or insufficient, the user may have diffi- 40 
culty. The user may be required to upgrade the memory 
and the operating system on her computer. Even if the 
user's computer has sufficient memory capacity and 
hardware to enable the user to upgrade the user's com- 
puter operating system or software applications, often 45 
the user's computer lacks sufficient memory to store and 
retrieve the very data the user desires to enter, store 
and manipulate with the user's computer. For on-line 
services, computer users are required to select an on- 
line service provider and insure that their computer so 
hardware and software will handle the demands of the 
on-line computing. 

[0004] Organizations of varying size, such as compa- 
nies and educational institutions have similar technical 
concerns, but on a broader scale. Some organizations ss 
operate hundreds or even thousands of individual com- 
puters networked to each other via an intranet operated 
and administered by the organization. Such organiza- 



tions typically require the expenditure of significant re- 
sources for information technology personnel and for 
maintaining data storage, back-up of data storage, soft- 
ware installation and upgrade, and hardware upgrade 
to enable software upgrade and data storage. System 
failures often occur in numerous locations throughout 
the organization requiring the dispersal of limited re- 
sources and time. 

[0005] A major problem for such organizations at- 
tempting to implement application services has been the 
tremendous cost of the learning curve for operations 
personnel. Computing operations personnel typically 
must become familiar with all the intricacies of software 
application products before the products may be de- 
ployed on the organization's computer system. Answers 
to technical problems often are spread among several 
sources with no central location or source to draw from. 
All users, including individuals and organizations and or- 
ganizations must maintain security over data and valu- 
able software. 

[0006] It is with respect to these considerations and 
others that the present invention has been made. 

SUMMARY OF THE INVENTION 

[0007] In accordance with the present invention, the 
above-identified problems are solved by a system and 
method for providing computer user access to comput- 
ing services, including operating systems, software ap- 
plications, data storage and retrieval, electronic mail 
and messaging services, and data and software security 
in an on-line networked computing environment. The 
need for software installation, upgrade, and version con- 
trol, and the need for certain hardware upgrades are 
eliminated by providing software and data storage and 
retrieval to a user or to groups of users from a remote 
terminal server via a networked computing environ- 
ment. Software applications, data and electronic mail 
and messaging services are linked to, stored, main- 
tained and operated within a remote terminal server in 
combination with a file server, other terminal servers, 
and domain controllers, and are provided to the user 
over the Internet or over an intranet of an organization 
such as a company or educational institution. Data is 
stored and secured at a remote file server, and web op- 
erations are provided by a remote web server. The back- 
end of the system, including the terminal servers, file 
servers and web servers is managed and secured by a 
domain controller. 

[0008] More particularly, a method and system for 
providing computing services in a networked computing 
environment are provided. A computing device, such as 
a personal computer operated by a user, is provided with 
a software module from a remote computing device, 
such as a terminal server, for allowing exchange of data 
between the computing device and the remote comput- 
ing device (terminal server). Through the software mod- 
ule, an emulation of an operating system of the remote 
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computing device is provided to the user's computer. 
Additionally, through the software module an emulation 
of the user's computer desktop configuration is passed 
from the remote computing device to the user's comput- 
ing device. Preferably, the software module is an Ac- 
tiveX control. 

[0009] Actions such as keyboard strokes, mouse 
movements and mouse clicks at the user's computer are 
monitored by the operating system of the remote com- 
puting device. In response to the actions at the user's 
computer, the emulation of the operating system and 
desktop configuration provided to the user's computer 
is updated. 

[0010] Preferably, the remote computing device in- 
cludes a number of components including a terminal 
server, a file server, a web server, and a domain con- 
troller. The user's computer is preferably connected to 
the remote computing devices via a networked comput- 
ing environment through the Internet or through an in- 
tranet. 

[0011] In accordance with another aspect of the in- 
vention, software applications may be provided to the 
user's computer from one or more of the remote com- 
puting devices, such as a terminal server. Additionally, 
data entered at the user's computer may be stored on 
and retrievedfrom a remote device, such as thefile serv- 
er. Internet and web services may be provided to the 
user's computer via the remote web server. Preferably, 
the software and hardware components of the net- 
worked computing environment are managed and se- 
cured by the domain controller. 

[0012] The methods may be implemented as a com- 
puter process, a computer system or as an article of 
manufacture, such as a computer program product or 
computer readable medium. The computer program 
product may be a computer storage media readable by 
a computer system and encoding a computer program 
for instructions for executing a computer process. The 
computer program product may also be a propagated 
signal on a carrier readable by a computer system and 
encoding a computer program of instructions for execut- 
ing a computer process. 

[0013] These and other features and advantages, 
which characterize the current invention, will be appar- 
ent from a reading of the following detailed description 
and a review of the associated drawings. It is to be un- 
derstood that both the foregoing general description and 
the following detailed description are exemplary only 
and are not restrictive of the invention as claimed. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0014] 

Fig. 1 illustrates interaction between a computer us- 
er and the components of a distributed networked 
computing environment. 

Fig. 2 illustrates a computer system that provides 



an operating environment for an exemplary embod- 
iment of the present invention. 
Fig. 3 illustrates a screen display of a computer gen- 
erated user interface window showing exemplary 

5 icons and controls. 

Fig. 4 illustrates an operational flow of the steps per- 
formed by the system of the present invention in 
providing computing services to users and groups 
of users in a distributed networked computing envi- 

io ronment. 

DETAILED DESCRIPTION OF THE INVENTION 

[001 5] The present invention provides user access to 

'5 software applications, data storage and retrieval, and 
electronic mail and messaging services in a networked 
computing environment. According to an exemplary em- 
bodiment of the present invention, software installation, 
upgrade, and version control, and certain hardware up- 

20 grades are eliminated at the user level by providing soft- 
ware and data storage and retrieval to a user or groups 
of users from a remote terminal server via a networked 
computing environment. According to the present inven- 
tion, a virtual operating system, software applications, 

25 data and electronic mail and messaging services are 
stored, maintained and operated at a remote terminal 
server and are provided to the user over the Internet or 
over the intranet of an organization such as a company 
or educational institution. 

30 [0016] Referring now to Fig. 1, according to an exem- 
plary embodiment of the present invention, computing 
services including provision of operating system func- 
tionality, software applications and upgrades, on-line 
services, and data storage and retrieval are provided to 

35 a user 105 via a networked computing operating envi- 
ronment 100. The user 105, using a computing device, 
such as a computer 20, described below, logs on to an 
Internet or intranet based services site of a computing 
application and data service provider at a terminal serv- 

io er 160 via the Internet 120. The user 105 needs only 
have an Internet browser to connect to the networked 
computing environment 100 and the services of the 
computer services provider 165. For purposes of this 
description, the user 1 05 may be defined as a single us- 

45 er, a plurality of users, a group of users, or an organiza- 
tion, such as a company or other institution. The com- 
puter services provider 165 may be any person or or- 
ganization that provides computing services and who 
would like to make those services available to users in 

50 accordance with the present invention. Exemplary com- 
puter services providers 1 65 may include software pro- 
viders, Internet service providers, database and file stor- 
age providers, and the like. According to an exemplary 
embodiment of the present invention, once the user 1 05 

55 is connected to the services provider 1 65, all computing 
services necessary for the efficient and the productive 
use by the user are provided from remote computing de- 
vices, including remote terminal servers, file servers, 
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web servers and domain controllers. 
[0017] The remote terminal services include a 
number of terminal servers 1 60, 1 70, 1 80 for providing 
software applications and remote desktop functionality 
and display. A file server 150 is provided for remotely 
maintaining user data and individual and organization 
user profile information. A web server 140 provides on- 
line services and electronic mail and messaging servic- 
es. A domain controller 130 provides directory services, 
security, and general management of clusters of net- 
work components such as terminal servers 160, 170, 
180. 

[0018] Underthe present invention, the user's individ- 
ual computer orthe organization's network of computers 
serve as client machines in the networked computing 
environment 100. That is, once the user or users log on- 
to the services of the computing services provider via 
the Internet 120, the user's machine is provided an em- 
ulation of the terminal server computer operating sys- 
tem, and the user's desired computer desktop settings 
are displayed to the user regardless of when the user 
logs on, from where the user logs on, orfrom which com- 
puter the user logs on . All software applications utilized 
by the user are stored, maintained, and upgraded at a 
remote terminal server 160, 170, 180 which eliminates 
the need for software purchase, download, or upgrade 
by the user on the user's local computer. 
[0019] Data entered, stored, and manipulated by the 
user is maintained on a remote file server 1 50 that elim- 
inates the need forthe user to back up, secure, and pro- 
vide adequate memory capacity forthe user's data. On- 
line services and electronic mail and messaging servic- 
es are provided to the user via a terminal server session 
in combination with a remote web server 140 via the In- 
ternet. And, all the aforementioned services are secured 
and managed by the computing services provider 165 
selected by the user via the domain controller 1 30 which 
oversees operation of the networked computing envi- 
ronment 100, described herein. According to an alter- 
native embodiment, these services may be secured and 
managed by a management server. An exemplary man- 
agement server is Proxy Server produced by Microsoft 
Corporation of Redmond, Washington. The Proxy Serv- 
er allows users in the networked computing environ- 
ment 1 00, such as computer services providers 1 65, to 
extend their services to the Internet while managing se- 
curity, cost, firewall services, data caching, and services 
management. 

[0020] Fig. 2 and the following discussion are intend- 
ed to provide a brief, general description of a suitable 
computing environment in which the invention may be 
implemented. The invention is described in the general 
context of a distributed computing environment where 
tasks are performed by remote processing devices that 
are linked through a communications network. In a dis- 
tributed computing environment, program modules may 
be located in both local and remote memory storage de- 
vices. Generally, program modules include routines, 
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programs, components, data structures, etc. that per- 
form particular tasks or implement particular abstract 
data types. Moreover, those skilled in the art will appre- 
ciate that the invention may be practiced with other com- 

s puter system configurations, including hand-held devic- 
es, multiprocessor systems, microprocessor-based or 
programmable consumer electronics, minicomputers, 
mainframe computers, and the like. 
[0021] With reference to Fig. 2, an exemplary system 

10 for implementing the invention includes a conventional 
personal computer 20, including a processing unit 21 , a 
system memory 22, and a system bus 23 that couples 
the system memory to the processing unit 21 . The sys- 
tem memory 22 includes read only memory (ROM) 24 
and random access memory (RAM) 25. A basic input/ 
output system 26 (BIOS), containing the basic routines 
that help to transfer information between elements with- 
in the personal computer 20, such as during start-up, is 
stored in ROM 24. The personal computer 20 further in- 

20 eludes a hard disk drive 27, a magnetic disk drive 28, e. 
g., to read from or write to a removable disk 29, and an 
optical disk drive 30, e.g., for reading a CD-ROM disk 
31 or to read from or write to other optical media. The 
hard disk drive 27, magnetic disk drive 28, and optical 

25 disk drive 30 are connected to the system bus 23 by a 
hard disk drive interface 32, a magnetic disk drive inter- 
face 33, and an optical drive interface 34, respectively. 
The drives and their associated computer-readable me- 
dia provide nonvolatile storage forthe personal compu- 

30 ter 20. Although the description of computer-readable 
media above refers to a hard disk, a removable mag- 
netic disk and a CD-ROM disk, it should be appreciated 
by those skilled in the art that other types of media which 
are readable by a computer, such as magnetic cas- 

35 settes, flash memory cards, digital video disks, Bernoulli 
cartridges, and the like, may also be used in the exem- 
plary operating environment. 

[0022] A number of program modules may be stored 
in the drives and RAM 25, including an operating system 

40 35, a software application 36, and an Internet browser 
37. A user may enter commands and information into 
the personal computer 20 through a keyboard 40 and 
pointing device, such as a mouse 42. Other input devic- 
es (not shown) may include a microphone, joystick, 

45 game pad, satellite dish, scanner, orthe like. These and 
other input devices are often connected to the process- 
ing unit 21 through a serial port interface 46 that is cou- 
pled to the system bus, but may be connected by other 
interfaces, such as a game port or a universal serial bus 

50 (USB). A monitor 47 or other type of display device is 
also connected to the system bus 23 via an interface, 
such as a video adapter 48. In addition to the monitor, 
personal computers typically include other peripheral 
output devices (not shown), such as speakers or print- 

55 ers. 

[0023] The personal computer 20 may operate in a 
networked environment using logical connections to 
one or more remote computers, such as the terminal 
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servers 1 60, 1 70, 1 80. The remote terminal server 1 60, 
170, 180 may be a computer, a peer device or other 
common network node, and typically includes many or 
all of the elements described relative to the personal 
computer 20, although only a memory storage device 
50 has been illustrated in Fig. 2. The logical connections 
depicted in Fig. 2 include a local area network (LAN) 51 
and a wide area network (WAN) 52. According to an ex- 
emplary embodiment of the present invention, the net- 
worked computing environment 100 may operate as 
part of a LAN 51 or a WAN 52. 
[0024] When used in a LAN networking environment, 
the personal computer 20 is connected to the LAN 51 
through a network interface 53. When used in a WAN 
networking environment, the personal computer 20 typ- 
ically includes a modem 54 or other means for estab- 
lishing communications over the WAN 52, such as the 
Internet. The modem 54, which may be internal or ex- 
ternal, is connected to the system bus 23 via the serial 
port interface 46. In a networked environment, program 
modules depicted relative to the personal computer 20, 
or portions thereof, may be stored in the remote memory 
storage device, such as the terminal servers 160, 170, 
1 80. It will be appreciated that the network connections 
shown are exemplary and other means of establishing 
a communications link between the computers may be 
used. 

[0025] Computing devices, such as personal compu- 
ter 20, typically include at least some form of computer 
readable media. Computer readable media can be any 
available media that can be accessed by personal com- 
puter 20. By way of example, and not limitation, compu- 
ter readable media may comprise computer storage me- 
dia and communication media. Computer storage me- 
dia includes volatile and nonvolatile, removable and 
non-removable media implemented in any method or 
technology for storage of information such as computer 
readable instructions, data structures, program mod- 
ules or other data. Computer storage media includes, 
but is not limited to, RAM, ROM, EEPROM, flash mem- 
ory or other memory technology, CD-ROM, digital ver- 
satile disks (DVD) or other optical storage, magnetic 
cassettes, magnetic tape, magnetic disk storage or oth- 
er magnetic storage devices, or any other medium 
which can be used to store the desired information and 
which can be accessed by personal computer 20. 
[0026] Communication media typically embodies 
computer readable instructions, data structures, pro- 
gram modules or other data in a modulated data signal 
such as a carrier wave or other transport mechanism 
and includes any information delivery media. The term 
"modulated data signal" means a signal that has one or 
more of its characteristics set or changed in such a man- 
ner as to encode information in the signal. By way of 
example, and not limitation, communication media in- 
cludes wired media such as a wired network or direct- 
wired connection^ and wireless media such as acoustic, 
RF, infrared and other wireless media. Combinations of 



any of the above should also be included within the 
scope of computer readable media. Computer readable 
media may also be referred to as computer program 
product. 

5 [0027] Fig. 3 illustrates an exemplary screen display 
of a computer generated user interface window showing 
exemplary icons and controls. As set forth above, in ac- 
cordance with an exemplary embodiment of the present 
invention, use of the functionality of the present inven- 

10 tion begins by the user logging on to the services of the 
computing services provider through an Internet brows- 
er program 37 maintained on the user's computer 20. 
An exemplary Internet browser program 37 includes In- 
ternet Explorer, manufactured by Microsoft Corporation 

is of Redmond, Washington. The first time the user at- 
tempts to log onto the services of the computing servic- 
es provider, the user requests a user account from the 
system administrator of the computing services provider 
selected by the user. The user provides personal profile 

20 information and obtains a password or other authenti- 
cation/identification number of code. Once the user's 
authority to log onto the services of the computing serv- 
ices provider 1 65 selected by the user is authenticated, 
a reusable software module is passed to the user's com- 

25 puter 20 that in turn establishes an online terminal serv- 
er session between the user 105 and the computing 
services provider 165 resident at the terminal server 
1 60. According to an exemplary embodiment, the reus- 
able software component is an ActiveX control 110. 

30 [0028] The ActiveX control 1 1 0 installed on the user's 
computer20viathe user's Internet services browser 37, 
provides for a desktop emulation of the computer oper- 
ating system provided by the computing services pro- 
vider 165 and provides for interaction between the us- 

35 er's computer 20 and hardware and software compo- 
nents of the networked computing environment 100. As 
is known to those skilled in the art, an ActiveX control is 
a reusable software component that may be used for 
interactivity between software components in a net- 

40 worked computing environment regardless of the lan- 
guage in which the components were created. ActiveX 
controls maybe embedded in Internet based web pages 
to produce interactive applications, data objects and 
whole software applications. Once the terminal server 

45 session is established between the user 1 05 and the ter- 
minal server 160, the user's computer 20 will act as a 
client to the terminal server 160 through the ActiveX 
control. 

[0029] The operating system functionality, desktop 
50 presentation and access to software, data and electron- 
ic mail and messaging come through the terminal server 
1 60. The user's experience appears as though the user 
is operating on the terminal server 1 60 itself. The termi- 
nal server 1 60, through the ActiveX control, monitors us- 
55 er actions on the user's computer 20, including key- 
strokes, mouse movement etc. In response to those us- 
er actions, the terminal server 1 60, through the ActiveX 
control, sends the user an emulation of the desktop of 
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the user's computer 20 and provides the user with a dis- 
play on the user's computer screen that is responsive 
to user actions. All actual manipulation of data and op- 
erating system and software activity occurs on the ter- 
minal server 160. According to an exemplary embodi- 
ment of the present invention, the emulation of desktop 
presentation, operating system functionality, and the 
display on the user's computer of software application 
functionality and data is accomplished by sending to the 
user's computer 20, through the ActiveX control, bit- 
maps representing the appropriate and expected dis- 
play on the computer 20. In short, the user's computer 
20 imitates the functionality of the operating system, 
software applications and data operating at the terminal 
server 1 60 on behalf of the user 1 05. 
[0030] Once the user is connected to the remote serv- 
ices of the computing services provider 1 65, the ActiveX 
control installed in the user's computer 20, described 
above, provides the user access to and services of a 
remote computer operating system maintained by the 
computer services provider 165. Additionally, the user 
is provided with remote desktop protocol functionality 
that displays to the user the user's personally defined 
desktop such as the desktop window 300 illustrated in 
Fig. 3. In accordance with an exemplary embodiment of 
the present invention, the desktop window 300 is an em- 
ulation of the user's desktop profile stored and main- 
tained by the computer services provider 165. 
[0031] The desktop window 300, illustrated in Fig. 3, 
contains exemplary icons including the computer set- 
tings icon 31 0, applications icon 320, files icon 330 and 
the Internet browser icon 340. The exemplary desktop 
window 300 also contains an applications window 325. 
According to the present invention, the user 105 sets 
her desktop configuration as desired by placing desired 
icons on the desktop and by configuring menus such as 
the applications window 325 according to the particular 
needs and desires of the user 105. 
[0032] Under the present invention, once the user es- 
tablishes a desired desktop windows 300 presentation, 
as illustrated in Fig. 3, that desktop configuration is 
stored by the computer services provider 1 65 on the file 
server 1 50. Each time the user logs onto the networked 
computing environment 100 via the computer services 
provider 165, the ActiveX control installed on the user's 
computer 20, as described above, causes the user's 
computer 20 to display the user's personally configured 
desktop window 300 as illustrated in Fig. 3. That is, any 
time the user logs onto the services of the computer 
services provider 165 from any location, and from any 
computer, the user's computing experience will be iden- 
tical. 

[0033] The user's personally configured desktop win- 
dow 300 is provided to the user with each icon or other 
graphical user interface in the same position, color set- 
ting, and size set by the user. When the user selects 
applications for use on the user's computer 20, those 
applications selected by the user for provision by the 
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computer services provider 165 are made available to 
the user at the user's computer 20 via the networked 
computing environment 100. 

[0034] When the user stores, retrieves, and manipu- 
s lates data on the user's computer 20, all data storage 
and retrieval will be stored to and retrieved from a re- 
mote file server 150 operated, maintained and secured 
by the computing services provider 165. Anytime an ap- 
plication used by the user 105, in accordance with the 
10 present invention, is updated or repaired, the new ver- 
sion, updated or repaired version will be installed and 
maintained by the computer services provider 165 on 
the terminal server 1 60, 1 70, 1 80. The user will have no 
need to purchase new software or update existing soft- 
's ware or repair existing software. All such software main- 
tenance activity is performed by the computer services 
provider 165 from its remote location without action by 
the user. 

[0035] Referring back to Fig. 1 , asset forth above, the 

20 user 1 05 accesses the services of the computer servic- 
es provider 1 65 via the Internet 1 20 and the remote web 
server 140. It should be understood that the computer 
services provider 165 may take the form of an applica- 
tion services provider that provides to users the func- 

25 tionality of each of the remote components and function- 
ality described herein. Alternatively, the computer serv- 
ices provider 165 may be resident at a terminal server 
160 as illustrated in Fig. 1 and the functionality of the 
other components of the system illustrated, including 

30 the web server 140, additional terminal servers 170, 
180, the domain controller 130, and the file server 150 
may be operated by other organizations or companies 
under the direction of or with access by the computer 
services provider 1 65. 

35 [0036] Alternatively, the networked computing envi- 
ronment, illustrated in Fig. 1 , may be in the form of an 
intranet utilized by an organization such as a company 
or educational institution that finds it necessary to have 
an intra-organization networked computing environ- 

40 ment. In that case, the components of the networked 
computing environment 100 may be maintained within 
a single organization, and the user will obtain the func- 
tionality of the components of the networked computing 
environment via an intranet as opposed to the Internet 

45 1 20. For purposes of the following description of the ex- 
emplary embodiments of the present invention, Internet 
and intranet are used interchangeably to describe the 
method and system by which users access the function- 
ality and components of the networked computing envi- 

50 ronment 1 00 whether that functionality and those com- 
ponents are operated by a remote third party computer 
services provider 1 65 or whether those components are 
operated and those services are provided by a system 
administrator resident at an organization to which the 

55 user belongs. 

[0037] The Internet 120 is well understood by those 
skilled in the art as a world wide collection of networks 
and gateways through which individuals and organiza- 
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tions may communicate and transfer back and forth da- 
ta, software, and information. As should be understood 
by those skilled in the art, the functionality of the Internet 
120 illustrated in Fig. 1 may also be provided by an in- 
tranet in an organization or educational institution, for 
example, utilizing the functionality of the present inven- 
tion via an intra-organizational intranet. An intranet, in 
the case of intra-organization networks, is also well 
known to those skilled in the art and includes, for exam- 
ple private networks based on Internet protocols, but de- 
signed for information management within the company 
organization. It should also be understood, that an in- 
tranet of an organization of any size may operate as the 
user 105 of the present invention where services pro- 
vided to the intranet of that organization are ultimately 
provided from remote terminal services according to the 
present invention and via the Internet 120 as illustrated 
in Fig. 1. 

[0038] In the case of Internet-based operation of an 
exemplary embodiment of the present invention, user 
access to the on-line services of the computer services 
provider 165 is made through the web server 140. The 
user 1 05 communicates with the computer services pro- 
vider 1 65 through an Internet browser program 37 main- 
tained on the user's computer 20. The web server 1 40 
contains software that uses Internet-based protocols, 
such as hypertext transfer protocol (HTTP), to serve 
documents and associated files and software scripts to 
the user when requested by the user via the user's web 
browser. Exemplary web server software includes Inter- 
net Information Server (ISS) manufactured by Microsoft 
Corporation of Redmond, Washington, which utilizes 
hypertext transfer protocol to deliver World Wide web 
documents and information between the user 105 and 
remote users or organizations such as the computer 
services provider 1 65 through the web server 140. 
[0039] Once a terminal server session is established 
between the user 105 and the computer services pro- 
vider 165 via the networked computing environment 
1 00, all user files, data and user profiles are stored and 
secured on the file server 150 under the control of the 
domain controller 130, described below, at the direction 
of the computer services provider 165. According to an 
exemplary embodiment, user profiles include the user's 
desired desktop configuration, described above, the us- 
er's authorities and permissions for access to the serv- 
ices of the computer services provider 1 65 and informa- 
tion on the types of services subscribed to by the user. 
That is, the profiles contain information as to the number 
and types of software applications 36, 172, 174 sub- 
scribed to by the user, electronic mail and messaging 
services subscribed to by the user, and the amount of 
data storage subscribed to by the user. 
[0040] In the case of data storage, in accordance with 
an exemplary embodiment of the present invention, the 
user may select a particular amount of memory capacity 
for data and file storage through the computer services 
provider 165. This is advantageous because the user 



need only subscribe to the amount of memory capacity 
for data and file storage at the file server 1 50 as is nec- 
essary according to the user's individual or company 
needs. Alternatively, as the user 1 05 fills or begins to fill 
s all the subscribed memory capacity at the file server 
150, the user 105 may contact the computer services 
provider 165 to obtain additional memory capacity. In so 
doing, the user 105 avoids the necessity of upgrading 
the memory capacity of the user's personal computer 
10 20 or in the case of a company or other organization, 
the company or organization eliminates the need for 
wide-scale upgrades in the memory capacity of their in- 
dividual computing machines. Referring to Fig. 1 , ac- 
cording to a preferred embodiment of the present inven- 
ts tion, data and files are stored in the file server 150 in a 
hierarchical folder structure. One root folder 151 con- 
tains data folders 152, 154 for hosted companies and 
hosted individuals while another rootfolder 1 57 contains 
user profiles 158 for individual and company users. 
20 [0041] The networked computing environment 100 in- 
cludes a number of terminal servers 1 60, 1 70, 1 80, as 
described above. The terminal servers contain the soft- 
ware and administrative functionality of the computer 
services provider 1 65 and contain the software applica- 
25 tions 1 72, 1 74 to which the user 1 05 has access via the 
networked computing environment 1 00. It should be un- 
derstood by those skilled in the art that the number of 
terminal servers 160, 170, 180 is determined by the 
number of concurrent users 105 and/or the number of 
30 servers dedicated to particular applications. That is, the 
larger the number of users and the more numerous and 
complexthe numbers and types of software applications 
and functionality provided to the users 105, the more 
terminal servers 160, 170, 180 will be required for the 
35 efficient operation of the networked computing environ- 
ment. 

[0042] As manufacturers of given software applica- 
tions 1 72, 1 74 change versions of those given software 
applications, or upgrade those applications with correc- 
40 tive software modules, often known as "patches", the 
computer services provider 1 65, according to an exem- 
plary embodiment of the present invention, makes all 
changes to software applications contained on the ter- 
minal servers 160, 170, 180 utilized by the computer 
45 services provider 1 65 for its users 1 05. The users 1 05 
are not required to make changes or upgrades to the 
software applications on their individual computers 20. 
For example, if a new version of a popular word process- 
ing application is published and distributed by the man- 
so ufacturer of the word processing application, the com- 
puter services provider 1 65 obtains the latest version of 
the word processing application and installs that version 
on one of the terminal servers 1 60, 1 70, 1 80. The next 
time the user 1 05 logs onto the services of the computer 
55 services provider 165 and opens the word processing 
application contained in one of the terminal servers 1 60, 
1 70, 1 80, the user will be presented with the latest ver- 
sion or updated version of the word processing software 
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application. If desired, the computer services provider 
1 65 may issue advanced notices to users 1 05 of coming 
version changes and corrections to given software ap- 
plications. 

[0043] Terminal servers such as the terminal servers 
1 60, 1 70, 1 80 may be clustered into groups along tech- 
nology or services lines. For example, one cluster of ter- 
minal servers 1 60, 1 70, 1 80 may contain a full suite of 
software applications 1 72, 1 74 directed to desktop com- 
puting operations such as word processing, spread- 
sheet, database, desktop publishing, web page design, 
and like. Other clusters of terminal servers 1 60, 1 70, 1 80 
may include, for example, complex database manage- 
ment software for querying, updating and managing re- 
lational databases. Other clusters of terminal servers 
may include sets of industry specific customized soft- 
ware applications, for example, software applications di- 
rected to accounting systems, medical systems, legal 
systems, etc. 

[0044] According to an exemplary embodiment of the 
present invention, a terminal services connection man- 
agement system is used for balancing the demands of 
users on individual terminal servers 160, 170, 180 and 
on clusters of terminal servers. One aspect of terminal 
services connection management is the management 
of connection of individual and company users to par- 
ticular terminal servers containing software and servic- 
es utilized by the users 105. Management of the con- 
nection between the users and the terminal servers in- 
cludes transparently reconnecting users to original ter- 
minal servers hosting software applications and servic- 
es utilized by the user in a previous terminal server ses- 
sion. For example, if the user 105 is utilizing a word 
processing application resident on the terminal server 
160, the terminal services connection management 
functionality attempts to reconnect the user 105 to the 
terminal server 1 60 in a subsequentterminal server ses- 
sion. 

[0045] Alternatively, if at the time the user 105 logs 
onto the networked computing environment 1 00, the ter- 
minal server 1 60 has no capacity to connect to the user 
105, the terminal services connection management 
functionality may connect the user 105 to a separate ter- 
minal server 170 that contains the application or func- 
tionality desired by the user 105. It is advantageous to 
have multiple terminal servers logically grouped into a 
terminal server cluster, as described above, between 
which a given user 1 05 may be routed for desired serv- 
ices by the terminal services connection management 
functionality. As described below, the terminal services 
connection management functionality is preferably con- 
tained in and operated by the domain controller server 
130. 

[0046] Electronic mail and messaging services are 
provided to the users 105 of the networked computing 
environment 100 through a variety of sources. For ex- 
ample, electronic mail and messaging services may be 
provided by the computer services provider 1 65 or the 



source for electronic mail and messaging services may 
be established within a given organization. A number of 
electronic mail systems may be supported and provided 
to the users 105 via the networked computing environ- 

5 ment 1 00. Exemplary electronic mail systems include 
Post Office Protocol 3 (POP3) that is a standard in com- 
mon use on TCP/IP networks, and Internet Message Ac- 
cess Protocol (IMAP) that is a method for an electronic 
mail program to gain access to electronic mail and bul- 

10 letin board type messages stored on mail servers. Such 
electronic mail systems are well known to those skilled 
in the art. 

[0047] According to an exemplary embodiment, bal- 
ancing the use load on the various servers, such as the 
'5 file server 1 50 and the terminal servers 1 60, 1 70, 1 80 
may be performed by a load balancing software appli- 
cation 1 75 to ensure the networked computing environ- 
ment 1 00 operates in an efficient manner. For example, 
if terminal servers 1 60, 1 70, 1 80 are clustered together 
20 to maintain and operate a suite of software applications 
directed to desktop computing, as described above, the 
load balancing application 1 75 may ensure a proper bal- 
ance of use between the terminal servers in that cluster. 
[0048] In an exemplary embodiment, the load balanc- 
es ing application 1 75 may be resident on a terminal server 
170 as illustrated in Fig. 1. Alternatively, the load bal- 
ancing application 1 75 may be resident on another com- 
ponent of the networked computing environment 100, 
such as the domain controller 130. The load balancing 
30 application 175 may be developed and implemented by 
the computer services provider 1 65 for balancing use of 
services provided by the computer services provider 
165. Alternatively, the load balancing application 175 
may be developed and/or implemented by an applica- 
35 tion service provider or Internet service provider through 
which the computer services provider 165 operates. It 
should be understood that load balancing may be ac- 
complished through a variety of software and/or hard- 
ware solutions that ensure efficient use of services avail- 
40 able through the networked computing environment 
100. 

[0049] As users 1 05 utilize software applications from 
terminal servers, such as the teminal server 1 60, users 
may be reconnected to a particular terminal server after 

45 the users have disconnected from that terminal server 
from a previous session. Where load balancing requires 
that a user be connected to a different terminal server 
containing the same software applications as desired by 
the user, the user may be transferred by the load bal- 

50 ancing application 1 75 transparently to the separate ter- 
minal server 1 70 as management of the terminal servers 
requires.According to an exemplary embodiment of the 
present invention, the interaction of the components and 
functionality of the networked computing environment 

55 100 of the present invention may be managed by the 
domain controller(s) 130. It should be understood that 
a number of domain controllers 130 may be used as 
necessary for the efficient operation of the networked 
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computing enviromnent 1 00. The domain controller 1 30 
may also be responsible for maintaining the directory 
services and security for the backend of the networked 
computing environment 1 00 which includes all the serv- 
er components and functionality accessible by users 
105. 

[0050] The domain controller 130 may be set up as 
two or more domain controllers to provide redundancy 
in the event that one domain controllerfails. It should be 
understood that the number of domain controllers may 
be increased to improve performance and accommo- 
date larger scale systems. Additionally, management 
functions of the domain controller 130 may be split be- 
tween multiple domain controllers. In order to maintain 
security of the networked computing environment 100, 
the domain controller 130 operates a "locked-down" 
state of the terminal servers 160, 170, 180. That is, us- 
ers may only run a restricted set of executable files and 
dynamic link libraries (DLLs). Users have access to only 
their profile data and file data contained in the file server 
150. Users may not browse the backend of the net- 
worked computing environment 100 in any manner or 
prevent access to the profiles and data of other users. 
The domain controller 130 may also be used to prevent 
the viewing of the actual locations of data files or the 
gaining of knowledge of others using the system regard- 
ing the locations or contents of data files. The security 
and privacy of the backend of the networked computing 
operating environment which includes the domain con- 
troller 130, the web server 140, the file server 150, and 
the terminal servers 160, 170, 180, is accomplished 
through a directory services system 135 operated by the 
domain controller 130. 

[0051] A directory services system 135 operated by 
the domain controller 130, such as Active Directory, 
manufactured by Microsoft Corporation of Redmond, 
. Washington, provides for tracking of network-based en- 
tities such as applications, files, devices (printers, etc.), 
and users. The directory services system acts as a 
switchboard of the network operating system to oversee 
the transfer of data to and from users and between com- 
ponents such as the file server 150 and the terminal 
servers 160, 170, 180. The directory services system 
maintained and operated by the domain controller 130 
establishes and controls the relationships between the 
distributed resources including the users, their data, and 
applications utilized by the users to enable these re- 
sources to work together securely and efficiently. 
[0052] Additionally, as described below, the directory 
services system of the domain controller 130 allows us- 
ers 105 with a single sign-on to the networked comput- 
ing environment 100 and provides system administra- 
tors of the computer services provider 165 or of organ- 
izations in a intranet-based networked computing envi- 
ronment to manage security services for internal desk- 
top users, remote dial-up users, and external e-com- 
merce customers. 

[0053] Referring back to Fig. 1 , the directory services 
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system 135 of the domain controller 130 organizes and 
stores information on the various users 1 05 of the net- 
worked computing environment 1 00 in a hierarchical ob- 
ject-oriented fashion. That is, the domain controller 130 
s through its use of directory services uses objects to rep- 
resent network resources such as users, groups of us- 
ers, machines, devices, and software applications. As 
is well known to those skilled in the art, objects may be 
any data or module comprised of computer software 
'0 routines that may be treated as a discrete entity. 

[0054] As shown in Fig. 1 , the directory services sys- 
tem 135 of the domain controller 130 uses containers to 
represent users and/or organizations, such as user 152 
and organization 154, or collections of related objects 
'5 under the container devices such as data 158 under the 
root folder or container 157. The information is organ- 
ized in a tree structure made up of these objects in con- 
tainers, similar to the way that some operating systems 
use folders and files to organize information on a com- 
20 puter. According to a preferred embodiment, the direc- 
tory services system 135 is structured according to two 
types of organizational units (OU), service and busi- 
ness. For example, several related software applica- 
tions 172, 174 may be nested under a service organi- 
25 zational unit 1 71 . This structure allows several client us- 
ers to use the same applications under the applications 
service organizational unit. Under business organiza- 
tional units, each user or organization has an organiza- 
tional unit, such as users 106, 107 under business or- 
30 ganizational unit 152. 

[0055] The directory services system 135 of the do- 
main controller 130 stores information about the net- 
work elements in the form of objects. These objects can 
be assigned attributes that describe specific character- 
's (sties about the object. Accordingly, a wide range of in- 
formation may be stored in the directory of the domain 
controller 130 to tightly control access to individual ob- 
jects. For example, each of the software applications 
172, 174 resident on the terminal server 170 may be 
40 stored as objects of that terminal server 1 70. By main- 
taining specific information in the directory services of 
the domain controller 130 as to which software applica- 
tions a particular user has subscribed to for use, the do- 
main controller 1 30 can manage access to the software 
45 applications requested by and used by the user 1 05. Ac- 
cordingly, attributes assigned to a given software appli- 
cation object of the applications containers in the termi- 
nal server 1 70 might include the user's name, address, 
and information regarding the user's subscription to that 
50 software application, such as number of copies the user 
may use and the duration of the user's subscription pe- 
riod. 

[0056] To provide security for the networked comput- 
ing environment 100, the directory services system 135 
55 of the domain controller 130 provide a single sign-on to 
the networked computing environment 1 00 and by lock- 
ing-down desktop configurations of individual users and 
preventing access to user machine operations such as 
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software installation or registry editing of software ap- 
plications and registries maintained on remote terminal 
servers, such as terminal servers 160, 170, 180. The 
directory services system 135 of the domain controller 
also sets access control privileges on directory objects 
throughout the backend of the networked computing en- 
vironment 1 00 so that individual users or groups of users 
may only have access to specific objects including data, 
software applications, etc., to which those users or 
groups of users have subscribed access and use. Se- 
curity of data maintained in the file server 150 is main- 
tained by the directory services system 135 of the do- 
main controller 130 by governing authentication of user 
identity in controlling access to network resources such 
as the file server 1 50 and the terminal servers 1 60, 1 70, 
180. 

[0057] Once a user is authenticated and logged onto 
the networked computing environment 100 all resourc- 
es of the system are protected and access is granted or 
denied based on the user's specific authorizations to uti- 
lize specific components and functionality contained 
therein. According to a preferred embodiment, the di- 
rectory services system 135 of the domain controller 
130 may allow users and organizations to securely ex- 
tend selected directory information including file infor- 
mation and data beyond their organization or secured 
files to extranet users and e-commerce customers to al- 
low those users and customers access to selected data 
and software. 

[0058] It should be understood by those skilled in the 
art that the networked computing environment 1 00 may 
be operated by a given application service provider or 
Internet service provider or other computer services pro- 
vider 165. Accordingly, management of the networked 
computing environment 1 00 is performed by system ad- 
ministrators of such organizations through management 
of the directory services system 135 of the domain con- 
troller 1 30. Alternatively, a number of computer services 
providers 165 may be resident in a single networked 
computing environment controlled by a larger computer 
services provider 165. That is, a number of computer 
services providers may be nested within the networked 
computing environment 1 00 to provide services to their 
users 105 through a larger computer services provider 
that manages the services, functionality and security of 
the system through the domain controller 130. 
[0059] As described above, after a user or group of 
users have subscribed to the services of a given com- 
puter services provider 1 65, the users or groups of users 
may log onto a networked computing environment 100 
for access to those services. Fig. 5 illustrates an oper- 
ational flow of the steps performed by the system of the 
present invention in connecting a user to the networked 
computing environment 1 00 and in providing computing 
services to users and groups of users in a distributed 
networked computing environment. 
[0060] The operational flow of steps begins at step 
500 and moves to step 505 where the user logs onto the 



networked computing environment 100 by requesting 
access to the services of the user's computer services 
provider 1 65 through the Internet-based web page of the 
computer services provider 1 65. At step 51 0, the user's 

5 logon request is forwarded to the domain controller 1 30 
for authentication. At step 515, the domain controller 
queries the userfor logon information. As should be un- 
derstood to those skilled in the art, the logon information 
may contain a number of different types of information 

10 designed to properly authenticate the user including a 
password, a user identification number, address infor- 
mation, private codes, etc. At step 520, the user pro- 
vides the required authentication information and, at 
step 525, the domain controller authenticates the user 

'5 and opens a connection between the user and the com- 
puter services provider 165 as a single-logon procedure 
managed by the domain controller 1 30 through its direc- 
tory services system 135 functionality. 
[0061] At step 530, the computer services provider 

20 165 returns on-line a computing services web page to 
the user 105. The on-line services web page installs 
from the terminal server 160 of the computer services 
provider 1 65 an ActiveX control onto the user's compu- 
ter 20. As described above, the ActiveX control installs 

25 onto the user's computer 20 and provides an emulation 
of the desired operating system and provides the user 
access to the computer services provider 1 65 for the us- 
er's desktop profile, software applications and data. 
[0062] At step 540, the computer services provider 

30 1 65 requests logon information from the user. It should 
be understood that the logon to the computer services 
provider 1 65 is separate from the logon to the networked 
computing environment 100, when the computer serv-. 
ices provider 1 65 is one of a number of computer serv- 

35 ices providers operating on the networked computing 
environment 100. However, if the computer services 
provider 165 is the only services provider on the net- 
worked computing environment 1 00, a single logon and 
authentication procedure may be used to log directly on- 

40 to the services of the computer services provider 165 
through the domain controller 130. 
[0063] At step 545, the user provides logon informa- 
tion to the computer services provider 165. At step 550, 
the computer services provider 1 65 queries the domain 

45 controller for information on the user to properly authen- 
ticate the user by matching the information provided by 
the user 105 to information maintained by the domain 
controller 130. 

[0064] After the user has been properly authenticated 
50 as having access to the services of the computer serv- 
ices provider 165, the domain controller 130 begins 
management of the services to be provided to the user 
1 05 by determining whether the user has previously dis- 
connected from a terminal server session. If so, the user 
55 105 is reconnected to the same terminal server 160, 
170, 180 so that the user's utilization of services of the 
computer services provider 165 are transparent to the 
user upon log on. Reconnection of the user to the pre- 
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viously connected terminal server is directed by the load 
balancing application 175, as described above. Ifforthe 
sake of load balancing it is necessary to direct the user 
to the desired functionality maintained at a separate ter- 
minal server 180, the load balancing application 175 
may do so to efficiently manage the network resources. 
Accordingly, if at step 555 the user has been previously 
disconnected from a terminal server session, the user 
may be reconnected to the terminal server in use at step 
560 if efficient load balancing allows. 
[0065] If at step 555, the user 1 05 has not been dis- 
connected or has not disconnected from a previous ter- 
minal server session of the computer services provider 
1 65, logon continues at step 565, and the user is passed 
to the terminal server of the computer services provider 
1 65 for provision to the user of the user's desktop profile 
and for connection of the user to desired data and ap- 
plication functionality. It should be understood that 
where the user has not disconnected from a previously 
in-use terminal server, the user will be redirected to an 
appropriate terminal server for provision to the user of 
desired software application functionality and data in a 
way that efficiently balances utilization of the network 
resources. That is, the load balancing application 175 
will assign the user to a given terminal server 1 60, 1 70, 
180 containing the desired functionality and data, but 
that also has utilization capacity for the user 105. 
[0066] At step 575, the computer services provider 
1 65 opens a dialog with the user's computer 20 through 
the ActiveX control 110 so as to provide the user with 
the user's desktop profile and data and software appli- 
cations, At step 580, the computerservices provider 1 65 
queries the file server 150 for the user's profiles and 
desktop configuration. Once the user is provided with 
the user's desktop profile, the user's desktop will be dis- 
played on the user's computer as described above with 
reference to Fig. 3. That is, the user's desktop will be 
displayed in the exact configuration set by the user and 
desired by the user. Regardless of the location of the 
user or even the computer utilized by the user, so long 
as the computer is compatible with the technology of the 
computer services provider, the desktop of the user will 
appear the same giving the user a satisfying and trans- 
parent user experience from any remote location. Like- 
wise, all software applications subscribed to by the user 
and all data files maintained by the user will be acces- 
sible through the user's desktop from any remote loca- 
tion from which the user logs on. 
[0067] At step 585, the domain controller 1 30 through 
its directory services system 135 establishes paths to 
the user's files, data, applications and electronic mail 
and messaging services for use by the user 1 05. At step 
590, the domain controller secures and maintains the 
components and resources of the networked computing 
environment 1 00 from unauthorized access and/or use 
by the user 105. 

[0068] As described herein The present invention pro- 
vides user access to software applications, datastorage 
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and retrieval, and electronic mail and messaging serv- 
ices in a networked computing environment via the In- 
ternet orvia an intranet. The above specification, exam- 
ples and data provide a complete description of the 
5 manufacture and use of the composition of the inven- 
tion. Since many embodiments of the invention can be 
made without departing from the spirit and scope of the 
invention, the invention resides in the claims hereinafter 
appended. 



Claims 

1 . A method of providing computing services in a net- 
's worked computing environment, comprising the 
steps of: 

providing a computing device a software mod- 
ule from a remote computing device for allow- 

20 ing exchange of data between the computing 

device and the remote computing device; 
providing the computing device, through the 
software module, an emulation of an operating 
system of the remote computing device; 

25 providing the computing device, through the 

software module, an emulation of the comput- 
ing device's desktop configuration, the desktop 
configuration being passed to the computing 
device from the remote computing device; 

30 monitoring actions at the computing device by 

the operating system of the remote computing 
device; 

in response to the actions at the computing de- 
vice, updating the emulation of the operating 
35 system provided to the computing device; and 

in response to the actions at the computing de- 
vice, updating the emulation of the desktop 
configuration provided to the computing device. 

40 2. The method of Claim 1, prior to the step of providing 
a computing device a software module from a re- 
mote computing device, furthercomprises the steps 
of: 

45 connecting a computing device to a remote 

computing device via a networked computing 
environment. 

3. The method of Claim 2, wherein the step of con- 
so necting a computing device to a remote computing 

device via a networked computing environment, fur- 
ther comprises the steps of: 

connecting the computing device to the remote 
55 computing device via the Internet. 

4. The method of Claim 2, wherein the step of con- 
necting a computing device to a remote computing 
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device via a networked computing environment, fur- 
ther comprises the steps of: 



connecting the computing device to the remote 
computing device via an intranet. 



step of providing the software module and the soft- 
ware application through the terminal server. 



13. The method of Claim 1 , further comprising the st 



5. The method of Claim 2, wherein the step of con- 
necting a computing device to a remote computing 
device via a networked computing environment, fur- 
ther comprises the steps of: 

authenticating authority for the computing de- 
vice to connect to the remote computing device. 

6. The method of Claim 1 , wherein the step of provid- 
ing a computing device a software module from a 
remote computing device, further comprises the 
steps of: 

providing the computing device a web page 
from the remote computing device, the web 
page having the software module embedded 
therein. 

7. The method of Claim 6, wherein the remote com- 
puting device includes a web server, and wherein 
the step of providing the computing device a web 
page includes providing the web page through the 
web server. 

8. The method of Claim 6, wherein the software mod- 
ule is an ActiveX control. 

9. The method of Claim 1 , wherein the actions at the 
computing device include keyboard strokes, mouse 
movements, and mouse clicks. 

10. The method of Claim 1 , further comprising the step 
of: 

providing the computing device use of a soft- 
ware application, the software application be- 
ing resident on the remote computing device. 

11. The method of Claim 10, wherein the step of pro- 
viding the computing device use of a software ap- 
plication, further comprises the steps of: 

providing a plurality of software applications 
subscribed to for use by the computing device; 
and 

providing changes to the plurality of software 
applications at the remote computing device. 

12. The method of Claim 11, wherein the remote com- 
puting device includes a terminal server, and 
wherein the step of providing the computing device 
use of a software application, further comprises the 



receiving data from the computing device; 
storing the data received from the computing 
device on the remote computing device; 
10 storing authentication information and the 

desktop configuration on the remote computing 
device; and 

retrieving the data from the remote computing 
device for use by the computing device. 

15 

14. The method of Claim 13, wherein the remote com- 
puting device includes a file server, and wherein the 
steps of storing the data, storing authentication in- 
formation, and storing the desktop configuration, 

20 further include: 

storing the data on the file server, 
storing authentication information and the 
desktop configuration on the file server; and 
25 securing the data received from the computing 

device from unauthorized use by a second 
computing device. 

15. The method of Claim 1 , furthercomprising the steps 
30 of: 

providing electronic mail services to the com- 
puting device from the remote computing de- 
vice; 

35 

16. The method of Claim 1, wherein the remote com- 
puting device includes a domain controller and 
wherein the domain controller performs the steps 
of: 

40 

managing access to the remote computing de- 
vice; and 

securing the remote computing device from un- 
authorized access. 

45 

17. The method of Claim 1 , wherein the remote com- 
puting device includes a plurality of computing de- 
vices, and wherein the method of Claim 1 further 
comprises the steps of: 

50 

determining whether the computing device has 
previously been connected to one of the plural- 
ity of remote computing devices; and 
if so, then the step of connecting a computing 
55 device to a remote computing device includes 

reconnecting the computing device to the one 
of the plurality of remote computing devices. 
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1 8. A method of providing computing services in a net- 
worked computing environment, comprising the 
steps of: 

connecting a computing device to a remote ter- 
minal server via a networked computing envi- 
ronment; 

authenticating authority for the computing de- 
vice to connect to the remote terminal server; 
providing the computing device a software 
module from the terminal server for allowing ex- 
change of data between the computing device 
and the remote terminal server; 
providing the computing device, through the 
software module, an emulation of an operating 
system of the remote terminal server; 
providing the computing device, through the 
software module, an emulation of the comput- 
ing device's desktop configuration, the desktop 
configuration being passed to the computing 
device from the remote terminal server; 
monitoring actions at the computing device by 
the operating system of the remote terminal 

in response to the actions at the computing de- 
vice, updating the emulation of the operating 
system provided to the computing device; 
in response to the actions at the computing de- 
vice, updating the emulation of the desktop 
configuration provided to the computing device; 
providing the computing device use of a soft- 
ware application, the software application be- 
ing resident on the remote terminal server; and 
receiving data at the computing device, and 
storing the data received at the computing de- 
vice on the remote terminal server. 

19. The method of Claim 18, wherein the step of pro- 
viding the computing device use of a software ap- 
plication, further comprises the steps of: 

providing a plurality of software applications 
subscribed to for use by the computing device; 
and 

providing changes to the plurality of software 
applications at the remote terminal server. 

20. A computer readable medium having stored there- 
on computer-executable instructions which when 
executed by a computer, perform the steps of: 

providing a computing device a software mod- 
ule from a remote computing device for allow- 
ing exchange of data between the computing 
device and the remote computing device; 
providing the computing device, through the 
software module, an emulation of an operating 
system of the remote computing device; 



providing the computing device, through the 
software module, an emulation of the comput- 
ing device's desktop configuration, the desktop 
configuration being passed to the computing 
5 device from the remote computing device; 

monitoring actions at the computing device by 
the operating system of the remote computing 
device; 

in response to the actions at the computing de- 
10 vice, updating the emulation of the operating 

system provided to the computing device; and 
in response to the actions at the computing de- 
vice, updating the emulation of the desktop 
configuration provided to the computing device. 

15 

21 . The computer readable medium of Claim 20 having 
stored thereon computer-executable instructions 
which when executed by a computer, prior to the 
step of providing a computing device a software 

20 module from a remote computing device for allow- 
ing exchange of data between the computing de- 
vice and the remote computing device, further per- 
form the steps of: 

25 connecting a computing device to a remote 

computing device via a networked computing 
environment; 

authenticating authority for the computing de- 
vice to connectto the remote computing device; 

30 and 

providing the computing device a web page 
from the remote computing device, the web 
page having the software module embedded 
therein, whereby the software module is an Ac- 

35 tiveX control. 

22. The computer readable medium of Claim 20 having 
stored thereon computer-executable instructions 
which when executed by a computer, further per- 

*o form the steps of: 

providing the computing device use of a soft- 
ware application, the software application be- 
ing resident on the remote computing device; 
45 and 

providing changes to the software application 
at the remote computing device. 

23. The computer readable medium of Claim 20 having 
so stored thereon computer-executable instructions 

which when executed by a computer, further per- 
form the steps of: 

receiving data from the computing device; 
55 storing the data received from the computing 

device at the remote computing device; 
storing authentication information and the 
desktop configuration at the remote computing 
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device; and 

retrieving the data from the remote computing 
device for use by the computing device. 

24. A propagated signal on which is carried computer- 
executable instructions which when executed by a 
computer, perform the steps of: 

providing a computing device a software mod- 
ule from a remote computing device for allow- 
ing exchange of data between the computing 
device and the remote computing device; 
providing the computing device, through the 
software module, an emulation of an operating 
system of the remote computing device; 
providing the computing device, through the 
software module, an emulation of the comput- 
ing device's desktop configuration, the desktop 
configuration being passed to the computing 
device from the remote computing device; 
monitoring actions at the computing device by 
the operating system of the remote computing 
device; 

in response to the actions at the computing de- 
vice, updating the emulation of the operating 
system provided to the computing device; and 
in response to the actions at the computing de- 
vice, updating the emulation of the desktop 
configuration provided to the computing device. 

25. The propagated signal of Claim 24 carrying thereon 
computer-executable instructions which when exe- 
cuted by a computer, prior to the step of providing 
a computing device a software module from a re- 
mote computing device for allowing exchange of 
data between the computing device and the remote 
computing device, further perform the steps of: 

connecting a computing device to a remote 
computing device via a networked computing 
environment; 

authenticating authority for the computing de- 
vice to connect to the remote computing device; 
and 

providing the computing device a web page 
from the remote computing device, the web 
page having the software module embedded 
therein, whereby the software module is an Ac- 
tiveX control. 

26. The propagated signal of Claim 24 carrying thereon 
computer-executable instructions which when exe- 
cuted by a computer, further perform the steps of: 

providing the computing device use of a soft- 
ware application, the software application be- 
ing resident on the remote computing device; 
and 



providing changes to the software application 
at the remote computing device. 

27. The propagated signal of Claim 24 carrying thereon 
computer-executable instructions which when exe- 
cuted by a computer, further perform the steps of: 

receiving data from the computing device; 
storing the data received from the computing 
device at the remote computing device; 
storing authentication information and the 
desktop configuration at the remote computing 
device; and 

retrieving the data from the remote computing 
device for use by the computing device. 

28. A system for providing computing services in a net- 
worked computing environment, comprising: 



2 ° a domain controller operative to authenticate 

authority for a computing device to connect to 
a remote terminal server via a networked com- 
puting environment; 
a remote terminal server operative 

25 

to connect to a computing device; 
to provide the computing device a software 
module for allowing exchange of data be- 
tween the computing device and the re- 
30 mote terminal server; 

to provide the computing device, through 
the software module, an emulation of an 
operating system of the remote terminal 
server; 

35 to provide the computing device, through 

the software module, an emulation of the 
computing device's desktop configuration, 
the desktop configuration being passed to 
the computing device from the remote ter- 

40 minal server; 

to monitor actions at the computing device 
by the operating system of the remote ter- 
minal server; 

to update the emulation of the operating 
45 system provided to the computing device 

in response to the actions at the computing 
device; 

to update the emulation of the desktop con- 
figuration provided to the computing device 
50 in response to the actions atthe computing 

device; 

to provide the computing device use of a 
software application, the software applica- 
tion being resident on the remote terminal 
55 server; and 

a file server operative 
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to receive data from the computing device, 
and 

to store the data received at the computing 
device at the remote terminal server. 

5 

29. The system of Claim 28, wherein the terminal server 
is further operative: 

to provide a plurality of software applications 
subscribed to for use by the computing device; w 
and 

to provide changes to the plurality of software 
applications at the remote terminal server. 



30. The system of Claim 28, whereby the domain con- '5 
trailer is further operative 

to manage access to the terminal server by the 
computing device; and 

to secure theterminalserverfrom unauthorized 20 
access. 



31. The system of Claim 28, wherein the remote termi- 
nal server includes a plurality of terminal servers, 
and whereby the domain controller is further oper- 25 
ative 



to determine whetherthe computing device has 
previously been connected to one of the plural- 
ity of terminal servers; and 30 
if so, then to reconnect the computing device 
to the one of the plurality of terminal servers. 

32. The system of Claim 28, further comprising, 

35 

a web server operative 

to provide a web page, through the terminal 
server, to the computing device, the web page 
containing the software module embedded 
therein. 40 



33. The system of Claim 32, whereby the software mod- 
ule is an ActiveX control. 



45 



50 
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